<?php
	include_once 'essential.php';
	
	$login = mysql_real_escape_string($_POST['login']);
	$pass = mysql_real_escape_string($_POST['pass']);
	
	$user = new User();
	
	$result = $user->search("sys_user.*,sys_group.id group_id, sys_group.name group_name", " INNER JOIN sys_group ON sys_user.id_group = sys_group.id WHERE", "login = '".$login."' AND pass = '".$pass."'");
	
	
	if(mysql_num_rows($result) == 0)
	{
		header("location:error.php?error=405");
	}else{
		//salva os dados enconstrados na variavel resultado
		$user = mysql_fetch_object($result);
		
		if($user->active){
			//se a sessao nao existir, inicia uma
			if(!isset($_SESSION)) session_start();
			//Salva dados encontrados na sessão
			$_SESSION['ID'] = $user->id;
			$_SESSION['NAME'] = $user->name;
			$_SESSION['LOGIN'] = $user->login;
			$_SESSION['GROUPID'] = $user->group_id;
			$_SESSION['GROUPNAME'] = $user->group_name;
			session_regenerate_id();
			
			header("location: ../index.php");
		}else{
			header("location:error.php?error=409");
		}
		
		mysql_close();
	}
?>